Primary

Context

Qualcomm Snapdragon Chipsets Use-After-Free Vulnerability in Automotive Audio

Vulnerability

A use-after-free vulnerability has been identified in various chipsets of Qualcomm Snapdragon products, specifically within the automotive audio domain. This vulnerability leads to memory corruption by allowing simultaneous handling of different IOCTL calls from user space, creating the potential for unauthorized access or manipulation of memory.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to arbitrary code execution or other unintended behavior by manipulating the program's memory management.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm March 2026 Security Bulletin.

Added: Mar 2, 2026, 6:05 PM

Updated: Mar 2, 2026, 9:42 PM

Affected Products

Qualcomm AR8035

Moderate fix1 remedy

cpe:2.3:h:qualcomm:ar8035:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm CSRA6620

Moderate fix1 remedy

cpe:2.3:o:qualcomm:csra6620_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm CSRA6640

Moderate fix1 remedy

cpe:2.3:h:qualcomm:csra6640:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm FastConnect 6200

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6200:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm FastConnect 6700

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6700:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm FastConnect 6800

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6800:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm FastConnect 6900

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm FastConnect 7800

Moderate fix1 remedy

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Flight RB5 5G Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:flight_rb5_5g_platform:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm FWA Gen 3 Ultra Platform

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm G1 Gen 1

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm LeMans_AU_LGIT

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm LeMansAU

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm MDM9628

Moderate fix1 remedy

cpe:2.3:h:qualcomm:mdm9628:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Milos

0 remedies

Qualcomm QAM8255P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qam8255p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QAM8295P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qam8295p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QAMSRV1H

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qamsrv1h_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QAMSRV1M

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qamsrv1m:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA2066

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca2066_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6174A

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6174a:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6391

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6391_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6564A

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6564a_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6564AU

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6564au:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6574

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6574_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6574A

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6574a:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6574AU

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6574au_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6584AU

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6584au_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6595

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6595_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6595AU

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6595au:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6678AQ

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6678aq_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6688AQ

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6688aq_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6696

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6696_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6698AQ

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca6698aq_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6698AU

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA6797AQ

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6797aq:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA8081

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca8081:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA8337

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca8337_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA8695AU

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA9367

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca9367_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCA9377

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qca9377_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCC710

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcc710_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCM2290

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcm2290_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCM4325

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcm4325_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCM5430

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcm5430:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCM6125

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcm6125_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCM6490

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcm6490:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCN6224

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcn6224_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCN6274

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcn6274:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCN9011

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcn9011:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCN9012

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcn9012_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCS2290

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcs2290_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QCS4290

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qcs4290_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QEP8111

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qep8111_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QFW7114

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qfw7114:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QFW7124

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qfw7124:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QRB5165M

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qrb5165m_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm QRB5165N

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qrb5165n_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Qualcomm 215 Mobile Platform

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qualcomm_215_mobile_platform_firmware:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Qualcomm® Video Collaboration VC1 Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Qualcomm® Video Collaboration VC3 Platform

Moderate fix1 remedy

cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Qualcomm® Video Collaboration VC5 Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc5_platform:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Robotics RB2 Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:robotics_rb2:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Robotics RB5 Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:robotics_rb5_platform:*:*:*:*:*:*:*, +5 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA4150P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa4150p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA4155P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa4155p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA6145P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa6145p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA6150P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa6150p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA6155P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa6155p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA7255P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa7255p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA7775P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa7775p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8145P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa8145p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8150P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa8150p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8155P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa8155p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8195P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa8195p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8255P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sa8255p_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8295P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa8295p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8620P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa8620p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA8770P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa8770p:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SA9000P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sa9000p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SD662

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sd662:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SD865 5G

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sd865_5g:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SDA660

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sda660:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SDM429W

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sdm429w:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SDX61

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sdx61_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM6225P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sm6225_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM6650P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sm6650_firmware:*:*:*:*:*:*:*

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM7325P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sm7325p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM7435

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sm7435_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM7550

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sm7550_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM7635P

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sm7635_firmware:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM7675

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sm7675:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM8550P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sm8550p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM8635

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sm8635:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM8650Q

Moderate fix1 remedy

cpe:2.3:o:qualcomm:sm8650q_firmware:*:*:*:*:*:*:*

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm SM8750P

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sm8750p:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.1

Qualcomm Smart Audio 400 Platform

Moderate fix1 remedy

cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.1

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

2.9

remediation

7.7

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

2.9

remediation

7.7

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.